The next major release of BlackBerry UEM Client for iOS and Android devices, which is currently planned for the spring of 2019, will enforce TLS 1.2 as the minimum security version for communication between device and server. Previously, this enforcement was not possible because of backwards compatibility requirements between older versions of BlackBerry UEM and the UEM Clients. BlackBerry UEM 12.7.2, which reaches end of life March 29, 2019, is the last version of UEM that supports TLS 1.1. There will not be a corresponding release of UEM Client for Windows 8 devices and those devices will not be able to communicate with BlackBerry UEM 12.8 and later.
After the new UEM Client is released, iOS and Android devices that upgrade and that still connect to UEM version 12.7.2 or earlier, will be unable to communicate with the UEM server. Administrators will not be able to manage these devices; commands sent to the devices, such as wipe or unlock, and configuration updates to apps or IT policies, will not arrive on the device. Also, devices will be unable to contact UEM to pick up pending commands and actions. This might result in a breach of compliance rules and the work perimeter of the devices might get wiped.
To ensure that the minimum security version for communication between device and server is TLS 1.2, you must upgrade your organization’s BlackBerry UEM instances to version 12.8 or later, and upgrade the UEM Client on iOS and Android devices to the version planned for spring of 2019. You must upgrade Windows 8 devices to Windows 10 if possible, or the device must be replaced.